Privacy Policy

The controller responsible for data processing on this website is:

Divicode
c/o [Company Name]
[Street, City, Country]
contact@divicode.app

We collect the following categories of personal data:

• ·Account data: Email address and hashed password when you register.
• ·Session data: Session results, feeling-scale entries, text reflections, and AI-generated vision images stored in your account. Draft sessions and local history are stored in your browser’s localStorage and are not transmitted to our servers unless you are signed in.
• ·Payment data: Stripe processes all payment transactions. We store only a Stripe customer ID — we never see or store card numbers.
• ·Usage data: Anonymous analytics events (e.g., session started, paywall viewed) to improve the product. No personally identifiable information is attached to these events.
• ·Technical data: Standard server logs including IP address, browser type, and access times. Logs are retained for 30 days and then deleted.

We process your data on the following legal bases under GDPR Art. 6:

• ·Contract performance (Art. 6(1)(b)): Account creation, session storage, subscription management.
• ·Legitimate interests (Art. 6(1)(f)): Security, fraud prevention, product improvement via anonymous analytics.
• ·Consent (Art. 6(1)(a)): Where we explicitly ask for consent (e.g., optional email communications).

We use the following third-party processors:

• ·Supabase (EU region) — authentication and database. Data is stored in the European Union. Supabase Privacy Policy
• ·Stripe — payment processing. Stripe is PCI-DSS compliant. Stripe Privacy Policy
• ·Leonardo.ai — AI image generation for Quantum Visions. Only the text prompt you provide is sent; no other personal data is transmitted.
• ·Vercel — hosting. Edge network logs may include IP addresses, retained for 30 days.

We retain your data for as long as your account is active. If you delete your account, all personal data is permanently erased within 30 days. Anonymous analytics data may be retained indefinitely in aggregated form.

Under GDPR you have the right to:

• ·Access a copy of your personal data (Art. 15)
• ·Rectify inaccurate data (Art. 16)
• ·Erase your data (“right to be forgotten”, Art. 17)
• ·Restrict processing (Art. 18)
• ·Data portability (Art. 20)
• ·Object to processing (Art. 21)
• ·Lodge a complaint with your national supervisory authority

To exercise any of these rights, email privacy@divicode.app.

We use browser localStorage (not cookies) to store your preferences (theme, language, session drafts) locally on your device. This data never leaves your browser unless you are signed in, in which case session results are synced to your account. No tracking cookies or third-party advertising cookies are used.

Divicode is not directed at children under 16. We do not knowingly collect personal data from minors. If you believe a minor has provided us data, contact us immediately.

We may update this policy. Material changes will be notified via email or an in-app notice. Continued use after notification constitutes acceptance.